Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
45 Cards in this Set
- Front
- Back
the act of falsifying the source IP address in an IP packet
|
address spooking
|
|
a formula used to process data for encryption or decryption
|
algorithm
|
|
an encryption method that uses two different keys.
|
asymmetrical encryption
|
|
the process through which a computer's identity is verified
|
authentication
|
|
the IPSec mode that performs authentication and ensures data integrity on teh entire IP packet, including the headers
|
authentication headers (AH) mode
|
|
a part of public key infrastructure that contains a public key and an expiry date.
|
certificate
|
|
a service installed in Windows Server 2003 that allows it to act as a certificate authority
|
Certificate Services
|
|
a server that issues certificates
|
certificate authority (CA)
|
|
data that has been encrypted
|
ciphertext
|
|
the process of encrypting and decrypting messages and files using an algorithm
|
cryptography
|
|
an algorithm for data encryption defined by the U.S. government in 1977 that uses 56-bit key
|
Data Encryption Standard (DES)
|
|
modifying the contents of packets that have been captured with a packet sniffer before resending them on the network
|
data modification
|
|
resending packets that have been previously captured with a packet sniffer
|
data replay
|
|
the process of making encrypted data readable
|
decryption
|
|
a process that uses both hash encryption and asymetrical encryption to ensure data integrity and nonrepudiation
|
digital signature
|
|
the IPSec mode that performs authentication , data integrity, and encryption onthe data portion of an IP packet.
|
encapsulating securiy payload (ESP) mode
|
|
the process of rendering data unreadable by applying an algorithm
|
encryption
|
|
a type of one-way encryption that cannot be decrypted. it is used to store information such as passwords and to create checksums.
|
hash encryprtion
|
|
a summary of the data being encrypted using hash encryption
|
hash value
|
|
a protocol used by IPSec to negotiate security parameters, perform authentication, and ensure the secure exchange of encryption keys.
|
Internet Key Exchange (IKE)
|
|
a list of IP protocols that are affected by a rule in an IPSec policy
|
IP filter list
|
|
a protocol that adds security functions to IPv4
|
IP Security (IPSec)
|
|
Defines what is done to traffic that matches an IP filter list in an IPSec rule
|
IPSec filter action
|
|
a set of rules that defines how packets are treated by IPSec. Must be applied
|
IPSec policy
|
|
the combination of an IP filter list and an IPSec filter action
|
IPSec rules
|
|
an MMC snap-in that allows the monitoring of IPSec security association and configuration
|
IPSec Security Monitor
|
|
The preferred authentication method used by Active Directory.
|
Kerberos
|
|
It is the simplest authentication method to implement for IPSec if all devices are part of the same Active Directory forset
|
Kerberos
|
|
a number, usually large to prevent it from being guessed used in combination with an algorithm to encrypt data
|
key
|
|
a hashing algorithm that produces a 129-bit message digest
|
Message Digest 5
|
|
a type of logging the reacks the establishment of security associations
|
Oakley logs
|
|
Software used to view (capture) all packets that are traveling on a network
|
packet sniffer
|
|
an IPSec authentication method whereby each device is preconfigured with a string of text
|
preshared key
|
|
the key in asymetrical encryption that is seen only by the user to which it is issued
|
private key
|
|
the key in asymetrical encryption that is freely distributed to other users
|
public key
|
|
an MMC snap-in that is used to troubleshoot the implementation of Group Policies
|
Resultant Set of Policy (RSoP) snap-in
|
|
a hashing algorithm that produces a 160-bit message digest
|
Secure Hashing Algorithm (SHA1)
|
|
a Transport Layer protocol that encrypts data commuincation between a client and service.
|
Secure Socket Layer (SSL)
|
|
the security terms negotiated between two hosts using IPSec
|
security association (SA)
|
|
encryption that uses the same key to encrypt and decrypt data
|
symetrical encryption
|
|
the IPSec mode used when two hosts create a security association directly between them
|
transport mode
|
|
a data encryption algorithm that uses three 56-bit keys in three rounds to give an effective key length of 168 bits
|
Triple Data Encryption Standard (3DES)
|
|
In tunnel mode, this is the other end if the tunnel with the local host
|
tunnel endpoint
|
|
the IPSec mode used when two routers encapsulate all traffic transferred between two or more networks
|
tunnel mode
|
|
a standard for certificates that was created by the International Telecommunication Union - Telecommunication (ITU-T)
|
X.509
|